Skip to content

chore: update reusable docker pipeline to v0.18.1#224

Open
mpastecki wants to merge 1 commit intomainfrom
chore/update-docker-pipeline-v0.18.1
Open

chore: update reusable docker pipeline to v0.18.1#224
mpastecki wants to merge 1 commit intomainfrom
chore/update-docker-pipeline-v0.18.1

Conversation

@mpastecki
Copy link

@mpastecki mpastecki commented Mar 24, 2026

Summary

  • Update reusable_docker_pipeline.yml to v0.18.1 (0adff9d36a)

What's new in v0.18.1

  • Scan-before-push: images are scanned locally before any registry push
  • 4-scan model: filesystem vulns, filesystem secrets, image vulns, image secrets
  • Secret scanning for source code and Docker layers (CRITICAL, HIGH)
  • SARIF upload to GitHub Security tab (public repos)
  • Scan results in GitHub Actions Job Summary
  • Hadolint lint failures block image publishing

@github-actions
Copy link

github-actions bot commented Mar 24, 2026

🔐 Commit Signature Verification

All 1 commit(s) passed verification

Commit Author Signature Key Type Key Check
92af77df86b1 Marcin sk-ssh-ed25519

Summary

  • Commits verified: 1
  • Signature check: ✅ All passed
  • Key type enforcement: ✅ All sk-ssh-ed25519

Required key type: sk-ssh-ed25519 (FIDO2 hardware key)

Last verified: 2026-03-24 09:25 UTC

@mpastecki mpastecki mentioned this pull request Mar 24, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mpastecki